class EntryController < ApplicationController
  before_filter :login_required
  
  def initialize
    @reset_entries = Entrysubtype.find_all_by_entrytype_id(1)
  end
  
  def index
  end

  # GETs should be safe (see http://www.w3.org/2001/tag/doc/whenToUseGet.html)
  verify :method => :post, :only => [ :destroy, :create, :update ],
         :redirect_to => { :action => :list }

  def show
    #validate user ownership
    @entry = Entry.find(params[:id])

    if  !(@session['user'].id == @entry.user_id)
      @entry = Entry.new
      #flash[:notice] = 'You are trying to access or modify an entry that is not yours.'
      #TODO: decide on flash versus exception--for something like this probably exception 
      #with global exception page displaying content below
      raise Exception, "You are trying to access or modify an entry that is not yours."
    end  
    
  end

  def new
    reset    
  end

  def create
    @user = @session['user']
    @entry = Entry.new(params[:entry])
    @entry.user = @user
    @entry.type = (Entrysubtype.find_by_id(@entry.entrysubtype_id)).entrysubtype.capitalize + "Entry"
    @entrysubtypes = Entrysubtype.find_all_by_entrytype_id(@entry.entrytype_id)
            
    if @entry.save
      reset
      flash[:notice] = 'Entry was successfully created.'
      render :partial => 'form'
    else
      @entry_pages, @entries = paginate :entries, :order_by => 'occured_at desc', :per_page => 10
      render :action => 'new'
    end 
  end

  def edit
    @entry = Entry.find(params[:id])
      
    if  !(@session['user'].id == @entry.user_id)
      @entry = Entry.new
      raise Exception, "You are trying to access or modify an entry that is not yours."
    else  
      userid = session['user'].id
      @entry_pages, @entries = paginate :entries, :conditions => ["user_id = ?", userid], :order_by => 'occured_at desc', :per_page => 10
      @entrysubtypes = Entrysubtype.find_all_by_entrytype_id(@entry.entrytype_id)
      render :action => 'new'
    end
  end

  def update
    begin
        @entry = Entry.find(params[:id])
        if  !(@session['user'].id == @entry.user_id)
          @entry = Entry.new
          raise Exception, "You are trying to access or modify an entry that is not yours."
        else 
          userid = session['user'].id
          @entry_pages, @entries = paginate :entries, :conditions => ["user_id = ?", userid], :order_by => 'occured_at desc', :per_page => 10
          @entrysubtypes = Entrysubtype.find_all_by_entrytype_id(@entry.entrytype_id)
          
          if @entry.update_attributes(params[:entry])
            reset
            flash[:notice] = 'Entry was successfully updated.'
            render :partial => 'form'
          else
            flash[:notice] = 'Entry was NOT successfully updated.'
            render :action => 'edit'
          end
        end
     #if new and without an ID lookup fails, punt to create
     rescue ActiveRecord::RecordNotFound
        create
     end  
  end

  def destroy
    Entry.find(params[:id]).destroy
    redirect_to :action => 'new'
  end
  
  def filter_entrysubtypes
  end
  
  private
  def reset
     @entry = Entry.new
     userid = session['user'].id
     @entry_pages, @entries = paginate :entries, :conditions => ["user_id = ?", userid], :order_by => 'occured_at desc', :per_page => 10
     @entrysubtypes = @reset_entries
  end
end
